VID: 23180
Severity: 30
Port: 139
Protocol: TCP
Class: Samba

Detailed Description
Based on its reported version number, the Samba server has a local information disclosure vulnerability. Samba is an Open Source/Free Software package that provides seamless file and print services to SMB/CIFS clients. Samba versions 3.0.21 through 3.0.21c could allow a local attacker to obtain sensitive information: the winbindd daemon writes the machine trust account credentials in clear text to the winbind log files, which are world-readable, so the credentials are exposed to any local user. An attacker could use the machine trust account credentials to impersonate a domain server and obtain information regarding domain users and groups. Successful exploitation requires the log level to be set to 5 or higher.
* Note: If this check solely relied on the version number of the remote Samba server to assess this vulnerability, then this might be a false positive.
* References:
  - http://us1.samba.org/samba/security/CVE-2006-1059.html
  - http://www.securityfocus.com/archive/1/archive/1/429370/100/0/threaded
  - http://www.frsirt.com/english/advisories/2006/1179
  - http://securitytracker.com/id?1015850
  - http://secunia.com/advisories/19455/
* Platforms Affected: Samba Project, Samba versions 3.0.21 through 3.0.21c; Linux, any version; Unix, any version
Recommendation |
Upgrade to the latest version of Samba (3.0.22 or later), available from the Samba Web site at http://www.samba.org/samba/history/security.html
As a workaround, set the debug level to a value lower than 5.
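The workaround above depends on two settings that are easy to verify on a host: the effective winbind log level in smb.conf and the permissions of the winbind log files. The following POSIX shell audit helper is an added example, not code from the Samba project or from this advisory. It assumes a standard smb.conf layout (the option in [global], with `debuglevel` as the documented synonym of `log level`), Samba's usual winbind log names (`log.winbindd`, `log.winbindd-*`), and, conservatively, that a per-class `winbind:N` override raises the effective level for this check. The sample configurations and log files it runs against are constructed inline.

```shell
#!/bin/sh
# Added audit helper for the CVE-2006-1059 workaround; not code from the
# Samba project or from this advisory. Assumes a standard smb.conf layout
# and Samba's usual winbind log names (log.winbindd, log.winbindd-*).

# Print the winbind-relevant log level from an smb.conf: the numeric value
# of "log level" (or its synonym "debuglevel") in [global], raised by a
# per-class "winbind:N" override if one is present. Prints 0 if unset.
samba_winbind_log_level() {
    awk -F= '
        BEGIN { g = 0; w = 0 }
        /^[ \t]*[#;]/ { next }                      # comment line
        /^[ \t]*\[/ {                               # section header
            sect = tolower($0)
            gsub(/\[/, "", sect); gsub(/\]/, "", sect); gsub(/[ \t]/, "", sect)
            next
        }
        sect == "global" {
            key = tolower($1); gsub(/[ \t]/, "", key)
            if (key != "loglevel" && key != "debuglevel") next
            val = $2; sub(/[#;].*/, "", val)        # strip trailing comment
            n = split(val, parts, /[ \t]+/)
            for (i = 1; i <= n; i++) {
                if (parts[i] ~ /^[0-9]+$/ && parts[i] + 0 > g) g = parts[i] + 0
                else if (parts[i] ~ /^winbind:[0-9]+$/) {
                    split(parts[i], kv, ":")
                    if (kv[2] + 0 > w) w = kv[2] + 0
                }
            }
        }
        END { m = (w > g) ? w : g; print m }
    ' "$1"
}

# Print each winbind log file in a directory that is readable by "other"
# (mode bit 0004), which is what exposes the logged credentials locally.
world_readable_winbind_logs() {
    for f in "$1"/log.winbindd*; do
        [ -f "$f" ] || continue
        find "$f" -perm -004
    done
}

# Exit status 0 when the configuration is outside the vulnerable condition
# (log level below 5), 1 when it is at or above 5; prints the findings.
audit_winbind_credential_exposure() {
    level=$(samba_winbind_log_level "$1")
    exposed=$(world_readable_winbind_logs "$2")
    if [ "$level" -ge 5 ]; then
        echo "log level $level >= 5: winbindd can write machine trust account credentials to its log"
        if [ -n "$exposed" ]; then
            echo "world-readable winbind logs:"
            echo "$exposed"
        fi
        return 1
    fi
    echo "log level $level < 5: workaround in place"
    return 0
}

# Demo on constructed input (not a real host): one conf with the vulnerable
# setting and one with the workaround applied, plus a world-readable log.
demo_dir=$(mktemp -d)
printf '[global]\n   workgroup = EXAMPLE\n   log level = 1 winbind:5\n   security = domain\n' > "$demo_dir/smb-vuln.conf"
printf '[global]\n   debuglevel = 3   ; workaround applied\n' > "$demo_dir/smb-fixed.conf"
: > "$demo_dir/log.winbindd"; chmod 644 "$demo_dir/log.winbindd"
for c in smb-vuln.conf smb-fixed.conf; do
    echo "== $c"
    audit_winbind_credential_exposure "$demo_dir/$c" "$demo_dir" || true
done
rm -rf "$demo_dir"
```

Run it against a real host with `audit_winbind_credential_exposure /etc/samba/smb.conf /var/log/samba`; a non-zero exit means the debug level still meets the advisory's exploitation condition, and the listed files are the ones a local user could read. The level check treats the highest of the global value and any `winbind:` class override as the effective level, so it errs on the side of reporting.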
Related URL: CVE-2006-1059 (CVE)
Related URL: 17314 (SecurityFocus)
Related URL: 25575 (ISS)